Nagios Support Forum

Hi
I use
Nagios Core 4.2.1 on Red Hat Enterprise Linux Server release 6.7 (Santiago)
and I testing check_nrpe 3.2.0 client and NSCLIENT++ installed by package NSCP-0.5.0.62-x64.exe
on windows 2008 environment

in the nsclient.ini I configured
[/settings/default]
password = PWD
allowed_hosts = 10.XX.XX.XXX
[/settings/NRPE/server]

ssl options = no-sslv2,no-sslv3
verify mode = peer-cert
insecure = true

[/modules]
CheckExternalScripts = 1
CheckHelpers = 1
CheckNSCP = 1
CheckDisk = 1
CheckSystem = 1
CheckEventLog = 1
NSCAClient = 1
WEBSErver = 1
NRPEServer = 1

from my server nagios I did
./check_nrpe -H 10.209.12.176 -g log.txt
CHECK_NRPE: Error - Could not connect to 10.209.12.176: Connection reset by peer

and in the log I found
[1498732950] Error: (nerrs = 0)(!log_opts) Could not complete SSL handshake with 10.209.12.176: rc=-1 SSL-error=5

Edit the nsclient.ini file and change the following lines under the [/settings/NRPE/server] section from
to Also, add the following lines in that section if you are going to use arguments with the check_nrpe plugin and another ssl setting that is needed. Save the file and restart the NSClient++ service.
Those changes should allow the check_nrpe to connect to the Windows system.

I set up your suggestion in nsclient.ini file (and then I restarted in nscliet service)
but nothing is change

[/settings/default]
password = password
allowed_hosts = NAGIO IP
[/settings/NRPE/server]
ssl options =
verify mode = none
[/modules]
CheckExternalScripts = 1
CheckHelpers = 1
CheckNSCP = 1
CheckDisk = 1
CheckSystem = 1
CheckEventLog = 1
NSCAClient = 1
WEBSErver = 1
NRPEServer = 1

./check_nrpe -H 10.209.12.176 -g log.txt
CHECK_NRPE: Error - Could not connect to 10.209.12.176: Connection reset by peer

and in the log I found
[1498739822] Error: (nerrs = 0)(!log_opts) Could not complete SSL handshake with 10.209.12.176: rc=0 SSL-error=5


I did another command
./check_nrpe -H 10.209.12.176 -n -g log.txt
CHECK_NRPE: Receive header underflow - only 0 bytes received (4 expected).

and in the log I found
[1498808648] Remote 10.209.12.176 does not support Version 3 Packets
[1498808648] Remote 10.209.12.176 accepted a Version 2 Packet

-n, --no-ssl Do no use SSL

If I did
./check_nrpe -H 10.209.12.176 -n --v2-packets-only
I got the same message ....CHECK_NRPE: Receive header underflow - only 0 bytes received (4 expected).

-2, --v2-packets-only Only use version 2 packets, not version 3

Do you have any other suggestions ?

Thanks
Emilio

It looks like too many options in the nsclient.ini file were removed from the [/settings/NRPE/server] section.
Edit the nsclient.ini file again and make sure it has all of the settings like the example below.
Save the file and restart NSCLient++ on the Windows System

Here the only information inside the nsclient.ini

[/settings/default]
password = nagios
allowed_hosts = 127.0.0.1,10.209.50.128
[/settings/NRPE/server]
ssl options =
verify mode = none
insecure = true
use ssl = 1
allow arguments = true
allow nasty characters = true
[/modules]
NRPEServer = enabled

command from nagios unix system
./check_nrpe -H 10.209.12.176 -n -g emi.log
CHECK_NRPE: Receive header underflow - only 0 bytes received (4 expected).

here what I found in the emi.log file
[1499067167] Remote 10.209.12.176 does not support Version 3 Packets
[1499067167] Remote 10.209.12.176 accepted a Version 2 Packet

SOLVE

I found an error in nsclient.ini
I modified
allowed_hosts = 127.0.0.1,10.209.50.128

to
allowed hosts = 127.0.0.1,10.209.50.128

without "_"

thanks for the help
Emilio

Did you have any further (related) questions or are we okay to close this thread?

You can close it !!!

thanks a lot